[Feature Request] Implement POP (SHR) for confidential client bringing your own keys (#2) #2013

@trwalke

What MSAL implements today:

  • WithProofOfPossession API
  • this is available on .NET desktop for public client only
  • there exists an internal interface IPoPCryptoProvider for key management
  • key management is done by storing the key on disk in a container (similar to DPAPI protection)

Tasks to complete:

First deliverable

  1. Refactor WithProofOfPossession public API to be more like MSAL Android's implementation (API and example) and take into consideration the fact that Method and Url are optional.

Second deliverable

  1. [Needs discussion] Refactor IPoPCryptoProvider interface to provide a higher level abstraction. The current CannonicalPublicKeyJwk is pretty low level. Or maybe it's OK as Wilson can plug in here.
  2. Make IPoPCryptoProvider class public and expose a new overload of WithProofOfPossession that takes in an IPoPCryptoProvider so that customers can define their own key management.
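
An added sketch of the bring-your-own-key idea requested above, not MSAL code: a customer-supplied provider exposes only a canonical public-key JWK and a signing operation, and the signed HTTP request (SHR) is built with the method and URL claims left out when they are not supplied. `IExamplePopKeyProvider`, `InMemoryRsaKeyProvider` and `Pop` are hypothetical names, the in-memory RSA key and the token value are constructed, and the claim names (`at`, `ts`, `m`, `u`, `p`) are assumed from the OAuth signed HTTP request draft.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Hypothetical provider shape for this example; not MSAL's IPoPCryptoProvider.
public interface IExamplePopKeyProvider
{
    string CanonicalPublicKeyJwk { get; } // public key only, members in RFC 7638 order
    byte[] Sign(byte[] data);             // private key never leaves the provider
}

public sealed class InMemoryRsaKeyProvider : IExamplePopKeyProvider
{
    private readonly RSA _rsa = RSA.Create(2048); // constructed key; swap for an HSM- or vault-backed key

    public string CanonicalPublicKeyJwk
    {
        get
        {
            RSAParameters p = _rsa.ExportParameters(false); // false: export the public part only
            return $"{{\"e\":\"{Pop.B64Url(p.Exponent)}\",\"kty\":\"RSA\",\"n\":\"{Pop.B64Url(p.Modulus)}\"}}";
        }
    }

    public byte[] Sign(byte[] data) => _rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
}

public static class Pop
{
    public static string B64Url(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Builds the SHR; method and url are optional, so their claims are omitted when null.
    public static string CreateShr(IExamplePopKeyProvider key, string accessToken, string method = null, Uri url = null)
    {
        // kid: RFC 7638 thumbprint = SHA-256 over the canonical JWK.
        string kid = B64Url(SHA256.HashData(Encoding.UTF8.GetBytes(key.CanonicalPublicKeyJwk)));
        var header = new Dictionary<string, object> { ["alg"] = "RS256", ["kid"] = kid };
        var body = new Dictionary<string, object> { ["at"] = accessToken, ["ts"] = DateTimeOffset.UtcNow.ToUnixTimeSeconds() };
        if (method != null) body["m"] = method;
        if (url != null) { body["u"] = url.Authority; body["p"] = url.AbsolutePath; }
        string input = B64Url(JsonSerializer.SerializeToUtf8Bytes(header)) + "." + B64Url(JsonSerializer.SerializeToUtf8Bytes(body));
        return input + "." + B64Url(key.Sign(Encoding.ASCII.GetBytes(input)));
    }

    public static void Main() =>
        Console.WriteLine(CreateShr(new InMemoryRsaKeyProvider(), "constructed-access-token", "GET", new Uri("https://api.example.com/items")));
}
```

An SHR created without `m`, `u` and `p` is not bound to any particular request, so a resource server that accepts it has to rely on the key binding and timestamp alone.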
